Tải bản đầy đủ - 0 (trang)
14 A Proposal for a Solution Considering Both Fundamental Rights as Part of One System

14 A Proposal for a Solution Considering Both Fundamental Rights as Part of One System

Tải bản đầy đủ - 0trang

2.14  A Proposal for a Solution Considering Both Fundamental Rights as Part of One…



69



Under this proposal, the test of compatibility with the Charter would be based on

Article 8 Charter, not on Article 7. The test would be whether the requirements of

data protection are fulfilled. As part of the test of the fairness and lawfulness of data

processing, the European Court of Justice could analyse the interference of the right

to privacy. This includes not only the interference itself, but also the justification and

proportionality.

Since the Court of Justice deals with cases on the interpretation or validity of

secondary law and not on the interpretation of the Charter itself309 – at least that has

been the practice until now – the proposed approach will provide an appropriate

structure for assessing secondary law in the light of the fundamental rights of Article

7 and 8 Charter. While the right to privacy under Article 7 Charter potentially

extends to all uses of personal information on the internet, the system of checks and

balances foreseen in Article 8 Charter must deliver effective, but at the same time

proportionate protection. This would enable the Court to deal with the provisions

more logically as it could then examine cases in a more structured manner by scrutinising whether the requirements of data protection are fulfilled. Moreover, the

checks and balances included in data protection law could give practical meaning to

reasonable expectations of privacy.

This approach would have several advantages as it would allow to end the semantic discussion on the differences between privacy and data protection. It would fully

recognise the different nature of the rights, as discussed by Hustinx and others,

whereby Article 8 Charter serves as a provision specifying the safeguards for delivering privacy.310 In our view, this approach will not unduly limit the scope of Article

16 TFEU, and the rules adopted on this legal basis, to cases where privacy is

involved, given that Article 16 TFEU provides an autonomous and wide legal basis

and also mentions the free movement of data.

This approach would also bring the European Union more into line with the

international debate, where no distinction is made between privacy and data protection. This alignment with the international debate would facilitate the negotiating

position of the Union and allow it to concentrate in international fora on the substance of the protection. Furthermore, this approach would contribute to global

solutions and simplify the discussions on extraterritorial application of EU law.

Admittedly, this approach does not reflect the views of those who consider data

protection to be a much broader notion than privacy since it goes beyond what is

‘private’. Docksey, for example, makes a distinction between what is personal and

what is private. He refers in this context for instance to Österreichischer Rundfunk

and others,311 where the Court of Justice ruled that the mere recording of employee

data does not constitute interference with the right to privacy under Article 8 ECHR,

whereas communication of these data to others does constitute such interference.

Apparently there is – or at least there was, as this case dates from before the Lisbon

Treaty – a domain where data protection rules apply outside the scope of privacy.

309



 As will be explained in Chap. 5.

 As well as other fundamental rights.

311

 Case C-465/00, Österreichischer Rundfunk and others, EU:C:2003:294, at 73–74.

310



70



2  Privacy and Data Protection as Values of the EU That Matter, Also…



This leads to the argument submitted by this book as decisive. The distinction

between privacy and data protection no longer makes any sense in the era of big

data, where all personal data processing potentially affects privacy in the broad

sense, as recognised in the case law of the European Court of Human Rights and the

Court of Justice of the European Union. Moreover, by combining Articles 7 and 8

Charter, the Court of Justice has arguably adopted a different approach since the

entry into force of the Lisbon Treaty.



2.15  Conclusions

Privacy and data protection are constitutional values that matter in a networked

information society. However, the internet is resulting in a substantive increase in

the use of massive amounts of data and a loss of control over these data. This may

create substantive risks, both for individuals and for our democratic societies, if not

accompanied by effective and legitimate rules that counterbalance the undesired

effects.

This chapter explained general features of the rights to privacy and data protection, and more specifically when respect for privacy and data protection is needed

on the internet. The entitlement of individuals to full privacy and data protection

generates a positive duty for the European Union and national governments within

the scope of EU law to ensure protection,312 even with regard to a first-generation

fundamental right, as is definitely the case with the right to privacy in Article 7

Charter, which primarily requires governments to abstain. Fulfilment of this duty is

needed to promote democracy and, even more directly, the rule of law in its essential

fashion as this “requires as a minimum that the law actually rules”.313 For data protection, the duty to protect this fundamental right is laid down in Article 16 TFEU.

A general design of privacy and data protection as part of a European Union

based on values starts with the high ambitions of the Union in promoting its values,

particularly democracy, the rule of law and fundamental rights. These three values

are inextricably linked. These values are shared between all the Member States and

represent the premise of mutual trust among the Member States themselves and

between the Member States and the Union (Sect. 2.2).

Privacy and data protection are constitutional values that matter, also on the

internet, although people value the seriousness of privacy breaches in diverging

ways. Greenwald gives two convincing arguments for privacy and data protection:

there are no good and bad people, and monitoring changes behaviour. The effect of

312



 One could argue that a similar obligation already exists under Article 1 ECHR, whereby the

High Contracting Parties – which include all EU Member States – “shall secure to everyone within

their jurisdiction the rights and freedoms […]”.

313

 As explained in Sect. 2.5 above, based on Armin von Bogdandy, Michael Ioannidis, “Systemic

deficiency in the rule of law: What it is, what has been done, what can be done”, CMLR, 51: 

59–96, at 63.



2.15 Conclusions



71



breaches of these rights are summarised, firstly, as a lack of control over information, thus hampering the autonomy of individuals, and, secondly, as full transparency of individuals and their behaviour, thus hampering their dignity (Sect. 2.3).

The European Union has ambitions in promoting democracy. A free internet is

needed, but not an unprotected internet. A free internet empowers individuals to

share information in an unprecedented way and boosts democracy. Although governments must in principle abstain from intervention, there are certain situations in

which they should also actively ensure democratic rights, particularly internet privacy and data protection. Democratic governments must also protect society against

threats, including those caused by serious crime and terrorism (Sect. 2.4).

The European Union has ambitions in promoting the rule of law. The rule of law

in its essential fashion, whereby it “requires as a minimum that the law actually

rules”, is not always respected. Under the rule of law, there must be order in society

and control of power, and everyone is entitled to effective legal protection. There is

a close link between the rule of law and data protection. The (lack of) effective

redress on the internet is a main theme in privacy and data protection (Sect. 2.5).

The European Union also has ambitions in promoting fundamental rights, which

are broadly applicable. In an internet context, this entails individuals being entitled

to the protection of fundamental rights when they are active on the internet (online),

in the same way as when they are acting in any other capacity (offline). Moreover,

the external dimension – protection vis-à-vis actors in third countries – has an

increased weight. However, individuals are not entitled to protection against all

risks on the internet, and there is no zero-risk approach (Sect. 2.6).

Fundamental rights protection in horizontal relations acquires a new dimension

on the internet. However, the impact of the Charter is not fully clear in this respect.

The following arguments support the applicability of privacy and data protection in

horizontal relations on the internet: the Charter is part of EU law; the case law recognizes the horizontal applicability of certain provisions of the Charter, and data

protection explicitly aims to prevent possible misuse of personal information in the

private sector, also in view of the dominant position of big internet companies (Sect.

2.7).

The right to privacy is a broad and dynamic concept on the internet, extending to

the public sphere. Human dignity and personal autonomy are underlying values.

Privacy has a broad scope, but in the view of the European Court of Human Rights

and the Court of Justice it does not encompass all use of personal information. This

book challenges this limitation of scope. On the internet, the distinctions between

the private sphere and the public sphere are blurring, while one cannot know in

advance how data will be used in the era of big data (Sect. 2.8).

Privacy can be understood by looking at qualified interests: information is used

by governments, health data are revealed, vulnerable groups are identified and reputations are lost. This book argues that qualified interests are not a condition for

bringing the use of personal data within the scope of privacy, but rather they determine the assessment of any interference of this right. Two reasons support this argument: the Court of Justice does not make a systematic distinction between privacy

and data protection, and all processing of personal data on the internet potentially

affects privacy (Sect. 2.9).



72



2  Privacy and Data Protection as Values of the EU That Matter, Also…



The right to data protection developed as a response to technological developments. Directive 95/46 had a double objective of promoting an internal market of

personal data and protecting the individual. The inclusion of data protection in

Article 16 TFEU and in Article 8 Charter implies a change in the centre of gravity

of data protection, towards fundamental rights protection. The developments in the

area of freedom, security and justice confirm this change (Sect. 2.10).

The right to data protection is a claim based on fairness and provides safeguards

where personal data are processed. This book argues that data protection is not

based on the right to informational self-determination, which gives the individual a

right to prevent the processing of personal data. There is no right to prevent processing. This is the result of how the European Court of Justice emphasises the balancing of various interests, and the result of the internet, with big data and the processing

of personal data by search engines without consent as examples. The emphasis on

fairness should not result in weak protection (Sect. 2.11).

Data protection constitutes ‘the rules of the game’ or ‘a system of checks and

balances’. The underlying value is not important. The right is respected when the

conditions of Article 8(2) Charter are fulfilled; this should be scrutinised in a test

under Article 8(2) Charter. In substance, this test is similar to a proportionality test

under Article 52(1) Charter, although the test should not serve to establish whether

there is interference with a fundamental right, but instead whether the personal data

have been fairly processed according to the conditions laid down in Article 8(2)

Charter and in secondary EU law. Since the much stricter test under Article 52(1)

Charter is not appropriate for data protection, the information society needs this

new kind of testing (Sect. 2.12).

Privacy and data protection are two sides of the same coin, both reflecting human

dignity. The right to privacy represents a normative value, while the right to data

protection represents the ‘rules of the game’. It is not important to distinguish

between privacy and data protection on the internet, due to the growing importance

of informational privacy, and the broad scope of privacy extending to the public

sphere. The European Court of Human Rights and the Court of Justice of the

European Union interpret privacy broadly, and the latter does not make a systematic

distinction between the two fundamental rights (Sect. 2.13).

This book proposes, instead of distinguishing the closely related rights to privacy

and data protection, to considering both fundamental rights as part of one system,

whereby the right to privacy – in its broad meaning – represents the value that

requires protection (why protection is needed), while the right to data protection

represents the structure of protection (how protection is delivered). The proposed

approach provides a structure for the assessment of secondary law in the light of the

fundamental rights of Articles 7 and 8 Charter. The approach reflects the reality in

the era of big data, where all personal data processing potentially affects privacy

(Sect. 2.14).

This proposal allows an approach whereby the Court of Justice of the European

Union could examine cases on privacy and data protection in a more structured

manner by scrutinising whether the requirements of data protection are fulfilled. As



References



73



part of the test of the fairness and lawfulness of data processing, the Court could

analyse interference of the right to privacy.



References

Barak, Aharon. 2012. Proportionality; constitutional rights and their limitations. Cambridge

University Press.

Bernal, P. 2014. Internet privacy rights, rights to protect autonomy. Cambridge University Press.

Boehm, Franziska. 2012. Information sharing and data protection in the area of freedom, security

and justice, towards harmonised data protection principles for information exchange at

EU-level. Springer.

Buitelaar, J.C. 2012. Privacy: Back to the roots. German Law Journal 13: 171–202.

Bygrave, Lee A. 2010. Privacy and data protection in an international perspective, Stockholm

Institute for Scandinavian Law & Lee A Bygrave. Available on: http://www.uio.no/studier/

emner/jus/jus/JUS5630/v13/undervisningsmateriale/privacy-and-data-protection-in-­­

international-perspective.pdf.

Craig, Paul, and Grainne de Búrca. 2011. EU law: Text, cases and material, 5th ed. Oxford

University Press.

Craig, Paul, and Grainne de Búrca (eds.). 2011. The evolution of EU law, 2nd ed. Oxford University

Press.

de Mol, Mirjam. 2011. The novel approach of the CJEU on the horizontal direct effect of the EU

principle of non-discrimination: Unbridled expansionism of EU law? Maastricht Journal of

European and Comparative Law 18(1–2): 109–135.

Docksey, Christopher. 2015. Articles 7 and 8 of the EU charter: Two distinct fundamental rights.

In: Enjeux européens et mondiaux de la protection des données personelles, ed. Alain Grosjean,

63–89. Larcier.

Eggers, Dave. 2013. The Circle. Random House LLC.

Engl, Eric. 2009. Third party effect of fundamental rights (Drittwirkung). Hanse Law Review 5(2):

2009.

Fabre, C. 1998. Constitutionalising social rights. The Journal of Political Philosophy 6(3):

263–284.

Ferretti, Federico. 2014. Data protection and the legitimate interest of data controllers: Much ado

about nothing or the winter of rights? Common Market Law Review 51: 843–868.

Gellert, Raphael, and Serge Gutwirth. 2013. The legal construction of privacy and data protection.

Computer Law & Security Review (CLSR) 29: 522–530.

Gerards, J.H. 2008. Fundamental rights and other interests – Should it really make a difference? In

Conflicts between fundamental rights, ed. E. Brems, 655–690. Intersentia.

González Fuster, G. 2014. The emergence of personal data protection as a fundamental right of the

EU. Springer, Law, Governance and Technology Series 16: 2014.

González Fuster, Gloria, and Serge Gutwirth. 2013. Opening up personal data protection: A conceptual controversy. Computer Law & Security Review (CLSR) 29: 531–539.

González Fuster, Gloria. 2015. Curtailing a right in flux: Restrictions of the right to personal data

protection. In: Hacia un Nuevo derecho europea de protección de datos, Towards a new

European Data Protection Regime, ed. Artemi Rallo Lombarte, and Rosario García Mahamut,

Tirant lo Blanch.

Greenwald, Glenn. 2014. No place to hide: Edward Snowden, the NSA and the surveillance state.

Metropolitan Books/Henry Holt (NY).



74



2  Privacy and Data Protection as Values of the EU That Matter, Also…



Greenwald, Glenn. 2014. Why privacy matters. TED Talk October 2014, interactive transcript.

Available

on:

http://www.ted.com/talks/glenn_greenwald_why_privacy_matters/

transcript?language=en.

Gutwirth, S. et al. (eds.). 2009. Reinventing data protection? Springer.

Hert, Paul De. 1998. Art. 8 E.V.R.M. en het Belgisch Recht, Bescherming van privacy, woonst,

gezin en communicatie, Mys en Breesch.

Hijmans, Hielke, and Herke Kranenborg. (eds), 2014, Data protection Anno 2014: How to restore

trust?, Contributions in honour of Peter Hustinx, European Data Protection Supervisor (2004–

2014), Intersentia.

Hijmans, H., and A. Scirocco. 2009. Shortcomings in EU data protection in the third and the second pillars. Can the Lisbon Treaty be expected to help? Common Market Law Review 46:

1485–1525.

Hustinx, Peter. 2013. EU data protection law: The review of directive 95/46/EC and the proposed

general data protection regulation. In Collected courses of the European University Institute’s

Academy of European Law, 24th Session on European Union Law, 1–12 July 2013.

Ishay, Micheline R. 2008. The history of human rights: From ancient times to the globalization

era. University of California Press.

Kosta, Eleni. 2015. Construing the meaning of ‘Opt-Out’ – An analysis of the European, U.K. and

German data protection legislation. European Data Protection Law Review 1: 16–31.

Kulk, Stefan, and Frederik J. Zuiderveen Borgesius. 2014. Google Spain v. González: Did the

court forget about freedom of expression? European Journal of Risk Regulation 5(3):

389–398.

Kuner, Christopher. 2013. Transborder data flows and data privacy law. Oxford University Press.

Lautenbach, Geranne. 2013. The concept of the rule of law and the European court of human

rights. Oxford University Press.

Lenaerts, Koen, and Piet van Nuffel. 2011. European union law, 3rd ed. Sweet & Maxwell.

Lynskey, Orla. 2014. Deconstructing data protection: The ‘added-value’ of a right to data protection in the EU legal order. International and Comparative Law Quarterly 63(3): 569–597.

Mayer-Schönberger, Viktor, and Kenneth Cukier. 2013. Big data: A revolution that will transform

how we live, work, and think. Eamon Dolan/Houghton Mifflin Harcourt.

Middelaar, Luuk van. 2009. De passage naar Europa. Geschiedenis van een begin (published in

English as: The Passage to Europe: How a Continent Became a Union), Historische Uitgeverij

Murphy, Erin. 2013. The politics of privacy in the criminal justice system: Information disclosure,

the fourth amendment, and statutory law enforcement exemptions. Michigan Law Review

111(4): 485–546.

Oliver, P. 2009. The protection of privacy in the economic sphere before the European Court of

Justice. Common Market Law Review 46: 1443–1483.

Pech, L. 2012. Rule of law as a guiding principle of the European Union’s external action, Centre

for the Law of EU External Relations (CLEER), T.M.C. Asser Instituut, available on: http://

www.asser.nl/upload/documents/2102012_33322cleer2012-3web.pdf.

Peers, S. 2014. The CJEU’s Google Spain judgment: Failing to balance privacy and freedom of

expression. EU Law Analysis (2014). Available on:http://eulawanalysis.blogspot.be/2014/05/

the-cjeus-google-spain-judgment-failing.html.

Peers, Steve, Tamara Hervey, Jeff Kenner, and Angela Ward (eds.). 2014. The EU charter of fundamental rights, a commentary. Oxford: Hart Publishing.

Prechal, Sacha. 2015. The court of justice and effective judicial protection: What has the charter

changed? In Fundamental rights in international and European law – Public and private law

perspectives, ed. Christophe Paulussen, Tamara Takács, Vesna Lazic, and Ben Van Rompuy,

143–160. T.M.C. Asser Press/Springer.

Purtova, Nadezhda. 2009. Property rights in personal data: Learning from the American discourse.

Computer Law & Security Review 25(6): 507–521. Available on: http://papers.ssrn.com/sol3/

papers.cfm?abstract_id=1554341.

Rainey, Bernadette, Elizabeth Wicks, and Clare Ovey. 2014. Jacobs, White & Ovey: The European

convention on human rights, 6th ed. Oxford University Press.



References



75



Riviốre, Hippolyte-Ferrộol. 1878. Codes Franỗais et Lois Usuelles, A.Maresq Ainé.

Rosas, Allan, and Lorna Armati. 2010. EU constitutional law, an introduction. Hart Publishing.

Rotenberg, Marc, Julia Horwitz, and Jeramie Scott (eds.). 2015. Privacy in the modern age, the

search for solutions. The New Press.

Rule, James, Douglas McAdam, Linda Stearns, and David Uglow. 1980. The politics of privacy,

planning for personal data systems as powerful technologies. Elsevier.

Schneier, Bruce. 2015. Data and Goliath. W.W. Norton & Company.

Tamanaha, Brian. 2007. A concise guide to the rule of law. St. John’s University School of Law.

Verhey, L.F.M. 1992. Horizontale werking van grondrechten, in het bijzonder op het recht van

privacy, Tjeenk Willink 1992.

von Bogdandy, Armin, and Michael Ioannidis. 2014. Systemic deficiency in the rule of law: What

it is, what has been done, what can be done. Common Market Law Review 51: 59–96.

Warren, Samuel, and Louis Brandeis. 1890. The right to privacy. Harvard Law Review IV (5,

December 15).

Westin, Alan F. 1967. Privacy and freedom. Atheneum.



Chapter 3



Internet and Loss of Control in an Era of Big

Data and Mass Surveillance



Abstract This chapter describes certain developments in the internet economy

and in communications on the internet that affect the safeguarding of privacy and

data protection of individuals and identifies challenges for privacy and data protection on the internet. It depicts the internet as a single unfragmented space with

a loose government structure. Freedom on the internet is a great good, yet it is

under threat in a reality where big companies and governments exercise wide

powers.



Big data justifies a qualitative shift in thinking, because it enables unprecedented

predictions on private lives and because it shifts power relations. Mass surveillance

is the second phenomenon changing our societies, since surveillance is something

people cannot avoid.

These phenomena change the perspective of the European Union and the Member

States; both are losing control. The governance structure of the internet is an example of the declining role of the nation state and, more in general, of governments

becoming more dependent on the private sector. The reality of the internet is difficult to reconcile with core data protection principles. Finally, there is the problem of

overlapping jurisdictions in an unfragmented internet. The Chapter contains introductory ideas on how to regain control.



© Springer International Publishing Switzerland 2016

H. Hijmans, The European Union as Guardian of Internet Privacy, Law,

Governance and Technology Series 31, DOI 10.1007/978-3-319-34090-6_3



77



78



3.1



3



Internet and Loss of Control in an Era of Big Data and Mass Surveillance



Introduction



This book starts from the perception that the online environment is different from

the physical world and that on the internet, as a global network with a loose government structure, control over personal data has been lost.1 However, individuals

remain fully entitled to protection of these fundamental rights. Where control is

lost, control needs to be regained. It is the responsibility of governments, be it the

European Union or national governments, to deliver this result.

The first objective of the chapter is to demonstrate that our societies are changing

in a fundamental way, affecting privacy and data protection. The second objective is

to clarify the perspective of the European Union and national governments: which

changes are they faced with and what are the directions for regaining control?

The ambition of this chapter is limited: it deals with the protection of constitutional values on the internet. The internet economy’s main features and developments in internet communications are described in an abstract way to avoid these

sections becoming obsolete when new technology emerges.

The chapter is based on sources that enjoy a wide recognition in the debates on

internet developments, including – where relevant – short arguments of what commentators regard as the most imminent threats to the functioning of the internet. It

is meant to be illustrative, not exhaustive. This also explains the choice for big data

and mass surveillance as central themes. This choice could have been different and

could also have included internet security as main theme.2

This chapter includes the following subjects:

(a) The general design of the internet and the loss of control over personal data

(Sect. 3.2);

(b) The internet as a single unfragmented space with a loose government structure,

and networked societies (Sects. 3.3, 3.4, and 3.5);

(c) Big data justifying a qualitative shift in thinking (Sect. 3.6);

(d) Surveillance that people cannot avoid (Sects. 3.7 and 3.8);

(e) The changed perspective of the European Union and the Member States (Sect.

3.9);

(f) Introductory ideas how to regain control (Sect. 3.10).



1



Based on the introduction of Hijmans and Kranenborg in: Hielke Hijmans and Herke Kranenborg,

Data Protection Anno 2014: How to Restore Trust? Contributions in honour of Peter Hustinx,

European Data Protection Supervisor (2004–2014), Intersentia, 2014.

2

Svantesson for instance includes security difficulties as significant change in the online environment; see: Dan Jerker B. Svantesson, Extraterritoriality in Data Privacy Law, Ex Tuto Publishing

2013, at 46.



3.2



3.2



A General Design of the Internet and the Loss of Control Over Personal Data



79



A General Design of the Internet and the Loss of Control

Over Personal Data



At the start of the 2009 edition of his Rise of the Network Society3 Castells observes:

“We live in confusing times, as is often the case in periods of historical transition

between different forms of society. This is because the intellectual categories that

we use to understand what happens around us have been coined in different circumstances, and can hardly grasp what is new by referring to the past.”

This chapter describes what the European Commission identifies as motive for

the reform of the data protection framework in the EU4: the rapid pace of technological change and globalisation, leading to a new online environment. The new

online environment is also known as the information age, the network society or the

information society.5 These qualifications capture the essence of societal developments and have also inspired this book on privacy and data protection on the

internet.

The information society, or the information age as Castells calls it,6 is a period of

unprecedented technological change, both in terms of the extent and speed of

change.7 The essence of the change is not the technology itself, but the diffusion of

technology in society and the fundamental changes in society it causes. The internet

itself provides the classical example to explain this: while internet technology was

first deployed in 1969, it was only in the 1990s that it was widely diffused and

started to have a significant impact on societies, also due to other developments,

such as the wide-scale deregulatory movements and globalisation of markets.8

The internet is a global structure. In this digital environment governments lack

sufficient means to ensure effective protection of constitutional values, such as the

rights to privacy and data protection. This chapter characterises the main features of

the internet and developments in communications on the internet on the basis of the

3



Manuel Castells, The Rise of the Network Society, Volume I: The Information Age: Economy,

Society and Culture (2nd edition), Wiley-Blackwell, 2009, Preface.

4

Communication from the Commission to the European Parliament, the Council, the European

Economic and Social Committee and the Committee of the Regions, Safeguarding Privacy in a

Connected World A European Data Protection Framework for the 21st Century, COM (2012), 9

final.

5

See, e.g., Manuel Castells, The Rise of the Network Society, Volume I: The Information Age:

Economy, Society and Culture (2nd edition), Wiley-Blackwell, 2009, with reference to the title of

the book and various sections on the information society. This chapter of the book mainly uses the

term information society.

6

Manuel Castells, The Rise of the Network Society, Volume I: The Information Age: Economy,

Society and Culture (2nd edition), Wiley-Blackwell, 2009, as summarised in the conclusion, e.g.

at 500.

7

OECD Guide to Measuring the Information Society 2011, at 14, available on: http://www.oecdbookshop.org/en/browse/title-detail/OECD-Guide-to-Measuring-the-Information-Society2011/?K=5KGDZVDJ27BQ.

8

In the era of Reagan and Thatcher or The Real New Economic Order, as described in Mark

Mazower, Governing the World: The History of an Idea, Penguin Putnam Inc, 2012, Chapter 12.



80



3



Internet and Loss of Control in an Era of Big Data and Mass Surveillance



concept of the internet as a Networked Society as described by Castells9: an environment with an open and globalised structure where the influence of governments

is initially limited. This environment has created freedom for individuals, but it also

complicates the power of governments where they have to fulfil their legitimate

tasks in protecting their citizens.

This double-faced tendency on the internet of creating societal benefits on the

one hand while leaving the protection of fundamental constitutional values at least

ineffective may be illustrated by two phenomena of concern to privacy and data

protection. The first phenomenon is big data, a broad term for data sets so large or

complex that traditional concepts of data processing are inadequate.10 The use of big

data has significant benefits for society, since it “allows to crunch a vast quantity of

information, analyse it instantly and draw sometimes astonishing conclusions from

it”.11 However, the evolving era of big data makes the loss of control over personal

information as such visible.

The other phenomenon, mass surveillance by governments and private companies, demonstrates the impact on the fundamental rights of individuals.12 The Court

of Justice of the European Union underlined the intrusiveness of surveillance in

Digital Rights Ireland and Seitlinger: it is “likely to generate in the minds of the

persons concerned the feeling that their private lives are the subject of constant

surveillance”.13 Surveillance, in particular, is problematic, since the internet is supposed to be a place where individuals should be able to express themselves anonymously, make mistakes and explore their identities.14

These two phenomena deserve particular emphasis, because of the direct impact

on the mandate of the European Union to ensure privacy and data protection. They

are the phenomena giving evidence of the loss of control of individuals over their

personal data and of the capability of governments to deliver protection. Privacy and

data protection is described in this book as an essential domain where the role of

government is or should be undisputed.

9



Manuel Castells, The Rise of the Network Society, Volume I: The Information Age: Economy,

Society and Culture (2nd edition), Wiley-Blackwell, 2009; Manuel Castells, “A Network Theory

of Power”, International Journal of Communication, 5, pp. 773–787, 2011. See also: Yochai

Benkler, “Networks of Power, Degrees of Freedom”, International Journal of Communication, 5

(2011), Harvard Law School, pp. 721–755.

10

Wording taken from Wikipedia; see: https://en.wikipedia.org/wiki/Big_data. Further read: Big

Data and Privacy: A Technological Perspective, Executive Office of the President, President’s

Council of Advisors on Science and Technology (PCAST Report), available on: https://www.

whitehouse.gov/sites/default/files/docs/big_data_privacy_report_may_1_2014.pdf.

11

Viktor Mayer-Schönberger and Kenneth Cukier, Big Data: A Revolution That Will Transform

How We Live, Work, and Think, Eamon Dolan/Houghton Mifflin Harcourt, 2013.

12

Further read on mass surveillance: Hijmans and Kranenborg, in: Hielke Hijmans and Herke

Kranenborg (eds), Data Protection Anno 2014: How to Restore Trust? Contributions in honour of

Peter Hustinx, European Data Protection Supervisor (2004–2014), Intersentia, 2014.

13

Joined cases C-293/12 and C-594/12, Digital Rights Ireland (C-293/12) and Seitlinger

(C-594/12), EU:C:2014:238, at 37.

14

This is connected to the argument in this book that privacy remains important in the information

society. See mainly Chap. 2, Sect. 2.3.



Tài liệu bạn tìm kiếm đã sẵn sàng tải về

14 A Proposal for a Solution Considering Both Fundamental Rights as Part of One System

Tải bản đầy đủ ngay(0 tr)

×